From 625a014006d63ddb59c4b3b7520f0b14afbc18a3 Mon Sep 17 00:00:00 2001
From: Kevin Chyn <kchyn@google.com>
Date: Mon, 10 Apr 2017 14:53:59 -0700
Subject: [PATCH] Keyguard should authenticate with FP even after getting valid
 FP

There may be strange states where the user is already authenticated
but still on the lockscreen. The user should be able to dismiss
keyguard in that state.

Fixes: 29306222

Test: unlock phone
go back to keyguard
swipe up screen half way
touch fingerprint sensor (icon should change to unlocked)
then touch fingerprint sensor again (keyguard should be dismissed)

Test: unlock phone and go to settings -> Pixel Imprint
lock phone, unlock phone with fingerprint
touch sensor again and make sure Pixel Imprint page also responds to FP
do this test at least 10 times

Change-Id: I86acd520a06a68fab3548dd4cf6153a7833114fe
---
 .../keyguard/KeyguardUpdateMonitor.java       | 19 +++----------------
 .../fingerprint/AuthenticationClient.java     |  6 ++++++
 2 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java b/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java
index f8d1bfbc18be6..7a6ac571f9e01 100644
--- a/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java
+++ b/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java
@@ -165,11 +165,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
     private int mPhoneState;
     private boolean mKeyguardIsVisible;
 
-    /**
-     * If true, fingerprint was already authenticated and we don't need to start listening again
-     * until the Keyguard has been dismissed.
-     */
-    private boolean mFingerprintAlreadyAuthenticated;
     private boolean mGoingToSleep;
     private boolean mBouncer;
     private boolean mBootCompleted;
@@ -409,11 +404,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
     private void onFingerprintAuthenticated(int userId) {
         Trace.beginSection("KeyGuardUpdateMonitor#onFingerPrintAuthenticated");
         mUserFingerprintAuthenticated.put(userId, true);
-
-        // If fingerprint unlocking is allowed, this event will lead to a Keyguard dismiss or to a
-        // wake-up (if Keyguard is not showing), so we don't need to listen until Keyguard is
-        // fully gone.
-        mFingerprintAlreadyAuthenticated = isUnlockingWithFingerprintAllowed();
+        // Don't send cancel if authentication succeeds
+        mFingerprintCancelSignal = null;
         for (int i = 0; i < mCallbacks.size(); i++) {
             KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get();
             if (cb != null) {
@@ -922,7 +914,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
             }
         }
         mGoingToSleep = true;
-        mFingerprintAlreadyAuthenticated = false;
         updateFingerprintListeningState();
     }
 
@@ -1092,8 +1083,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
 
     private boolean shouldListenForFingerprint() {
         return (mKeyguardIsVisible || !mDeviceInteractive || mBouncer || mGoingToSleep)
-                && !mSwitchingUser && !mFingerprintAlreadyAuthenticated
-                && !isFingerprintDisabled(getCurrentUser());
+                && !mSwitchingUser && !isFingerprintDisabled(getCurrentUser());
     }
 
     private void startListeningForFingerprint() {
@@ -1416,9 +1406,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
                 cb.onKeyguardVisibilityChangedRaw(showing);
             }
         }
-        if (!showing) {
-            mFingerprintAlreadyAuthenticated = false;
-        }
         updateFingerprintListeningState();
     }
 
diff --git a/services/core/java/com/android/server/fingerprint/AuthenticationClient.java b/services/core/java/com/android/server/fingerprint/AuthenticationClient.java
index 552f0d1f8b173..fe498135febac 100644
--- a/services/core/java/com/android/server/fingerprint/AuthenticationClient.java
+++ b/services/core/java/com/android/server/fingerprint/AuthenticationClient.java
@@ -36,6 +36,7 @@ public abstract class AuthenticationClient extends ClientMonitor {
 
     public abstract boolean handleFailedAttempt();
     public abstract void resetFailedAttempts();
+    private boolean mAlreadyCancelled;
 
     public AuthenticationClient(Context context, long halDeviceId, IBinder token,
             IFingerprintServiceReceiver receiver, int targetUserId, int groupId, long opId,
@@ -129,6 +130,10 @@ public abstract class AuthenticationClient extends ClientMonitor {
 
     @Override
     public int stop(boolean initiatedByClient) {
+        if (mAlreadyCancelled) {
+            Slog.w(TAG, "stopAuthentication: already cancelled!");
+            return 0;
+        }
         IBiometricsFingerprint daemon = getFingerprintDaemon();
         if (daemon == null) {
             Slog.w(TAG, "stopAuthentication: no fingerprint HAL!");
@@ -145,6 +150,7 @@ public abstract class AuthenticationClient extends ClientMonitor {
             Slog.e(TAG, "stopAuthentication failed", e);
             return ERROR_ESRCH;
         }
+        mAlreadyCancelled = true;
         return 0; // success
     }